Last May, I reported on a breach affecting patients at Piedmont Healthcare and Presbyterian Anesthesia Associates in North Carolina whose website host, E-dreamz, had been hacked. At the time, I noted that not only patient data but some employee information was involved for Piedmont.
Today, Kathryn Burcham of WSOC-TV reports that dozens of Piedmont Healthcare employees and people who applied for jobs at the health care provider became victims of tax refund fraud. Burcham reports:
Last spring, Piedmont officials notified all 750 employees that the company’s former website hosting company, E-Dreamz, had its servers breached by a hacker.
At the time, company officials estimated up to 10,000 people were at risk for having their information stolen.
But Channel 9 learned while all Piedmont employees were notified about the initial data breach, only a fraction of the workers knew about the rash of identity theft cases that emerged in the past few months.
In recent weeks, I’ve blogged about the rash of tax refund ID theft affecting healthcare professionals. Could the hack at e-Dreamz last year explain some of the reports? While some of us were thinking about insurers that may have been hacked, maybe we should be thinking about web hosts, too.